Benutzer-Werkzeuge

Webseiten-Werkzeuge


tachtler:dansguardian_centos_6

Dansguardian CentOS 6

DansGuardian ist ein einfach zu installierender, schneller Webseiten-Inhaltsfilter, der einem Proxy, z.B. Squid vorgeschaltet wird. Das Paket besteht aus dem eigentlichen Programm, einem Wörterbuch und einer Konfigurationsdatei. DansGuardian durchsucht Texte nach Stichwörtern aus dem Wörterbuch und addiert dessen Bewertungen. Bei Überschreiten der Schmerzgrenze wird eine HTML-Informationsseite im Browser angezeigt. Für Bilder wird das PICS-Verfahren verwendet. Das Wörterbuch besteht aus Ascii-Dateien und kann selbst editiert werden. Zusätzlich zum Wörterbuch können gesperrte URLs eingetragen werden.

Version 2.10.1.1-1.el6.x86_64

Herunterladen

Diese Version wurde von mir sehr geschätzten „Django“ - Michael Nausch paketiert und liegt in der Version 2.10.1.1-1.el6.x86_64 vor und kann unter folgendem Link bezogen werden
Dansguardian 2.10.1.1-1.el6.x86_64 - die zu herunter ladende Datei lautet aktuell

  • dansguardian-2.10.1.1-1.el6.x86_64.rpm

Installation

Ab hier werden root-Rechte zur Ausführung der nachfolgenden Befehle benötigt. Um root zu werden geben Sie bitte folgenden Befehl ein:

$ su -
Password: 

Ein mögliche Installation wäre das RPM-Paket mit folgendem Befehl zu installieren, ausgehend davon das das RPM-Paket sich im Verzeichnis /tmp befindet:

# yum localinstall --nogpgcheck /tmp/dansguardian-2.10.1.1-1.el6.x86_64.rpm

:!: HINWEIS - Eine ORIGINAL INSTALLATIONSANLEITUNG von „Django“ - Michael Nausch, kann unter folgendem Link eingesehen werden:

Folgende Dateien werden installiert, was mit nachfolgendem Befehl nach der Installation überprüft werden kann:

# rpm -qil dansguardian 
Name        : dansguardian                 Relocations: (not relocatable)
Version     : 2.10.1.1                          Vendor: django
Release     : 1.el6                         Build Date: Fri 14 Oct 2011 02:42:12 PM CEST
Install Date: Mon 17 Oct 2011 12:36:00 PM CEST      Build Host: vml010006.intra.nausch.org
Group       : System Environment/Daemons    Source RPM: dansguardian-2.10.1.1-1.el6.src.rpm
Size        : 1387134                          License: GPLv2+
Signature   : (none)
Packager    : Django
URL         : http://www.dansguardian.org/
Summary     : Content filtering web proxy
Description :
DansGuardian is a web filtering engine that checks the content within
the page itself in addition to the more traditional URL filtering.

DansGuardian is a content filtering proxy. It filters using multiple methods,
including URL and domain filtering, content phrase filtering, PICS filtering,
MIME filtering, file extension filtering, POST filtering.

Compiled with ClamAV support.
/etc/dansguardian
/etc/dansguardian/authplugins
/etc/dansguardian/authplugins/ident.conf
/etc/dansguardian/authplugins/ip.conf
/etc/dansguardian/authplugins/proxy-basic.conf
/etc/dansguardian/authplugins/proxy-digest.conf
/etc/dansguardian/authplugins/proxy-ntlm.conf
/etc/dansguardian/contentscanners
/etc/dansguardian/contentscanners/clamdscan.conf
/etc/dansguardian/contentscanners/commandlinescan.conf
/etc/dansguardian/contentscanners/icapscan.conf
/etc/dansguardian/contentscanners/kavdscan.conf
/etc/dansguardian/dansguardian.conf
/etc/dansguardian/dansguardianf1.conf
/etc/dansguardian/downloadmanagers
/etc/dansguardian/downloadmanagers/default.conf
/etc/dansguardian/downloadmanagers/fancy.conf
/etc/dansguardian/downloadmanagers/trickle.conf
/etc/dansguardian/lists
/etc/dansguardian/lists/authplugins
/etc/dansguardian/lists/authplugins/ipgroups
/etc/dansguardian/lists/bannedextensionlist
/etc/dansguardian/lists/bannediplist
/etc/dansguardian/lists/bannedmimetypelist
/etc/dansguardian/lists/bannedphraselist
/etc/dansguardian/lists/bannedregexpheaderlist
/etc/dansguardian/lists/bannedregexpurllist
/etc/dansguardian/lists/bannedsitelist
/etc/dansguardian/lists/bannedurllist
/etc/dansguardian/lists/blacklists
/etc/dansguardian/lists/blacklists/ads
/etc/dansguardian/lists/blacklists/ads/domains
/etc/dansguardian/lists/blacklists/ads/urls
/etc/dansguardian/lists/contentregexplist
/etc/dansguardian/lists/contentscanners
/etc/dansguardian/lists/contentscanners/exceptionvirusextensionlist
/etc/dansguardian/lists/contentscanners/exceptionvirusmimetypelist
/etc/dansguardian/lists/contentscanners/exceptionvirussitelist
/etc/dansguardian/lists/contentscanners/exceptionvirusurllist
/etc/dansguardian/lists/downloadmanagers
/etc/dansguardian/lists/downloadmanagers/managedextensionlist
/etc/dansguardian/lists/downloadmanagers/managedmimetypelist
/etc/dansguardian/lists/exceptionextensionlist
/etc/dansguardian/lists/exceptionfilesitelist
/etc/dansguardian/lists/exceptionfileurllist
/etc/dansguardian/lists/exceptioniplist
/etc/dansguardian/lists/exceptionmimetypelist
/etc/dansguardian/lists/exceptionphraselist
/etc/dansguardian/lists/exceptionregexpurllist
/etc/dansguardian/lists/exceptionsitelist
/etc/dansguardian/lists/exceptionurllist
/etc/dansguardian/lists/filtergroupslist
/etc/dansguardian/lists/greysitelist
/etc/dansguardian/lists/greyurllist
/etc/dansguardian/lists/headerregexplist
/etc/dansguardian/lists/logregexpurllist
/etc/dansguardian/lists/logsitelist
/etc/dansguardian/lists/logurllist
/etc/dansguardian/lists/phraselists
/etc/dansguardian/lists/phraselists/badwords
/etc/dansguardian/lists/phraselists/badwords/weighted_dutch
/etc/dansguardian/lists/phraselists/badwords/weighted_french
/etc/dansguardian/lists/phraselists/badwords/weighted_german
/etc/dansguardian/lists/phraselists/badwords/weighted_portuguese
/etc/dansguardian/lists/phraselists/badwords/weighted_spanish
/etc/dansguardian/lists/phraselists/chat
/etc/dansguardian/lists/phraselists/chat/weighted
/etc/dansguardian/lists/phraselists/chat/weighted_italian
/etc/dansguardian/lists/phraselists/conspiracy
/etc/dansguardian/lists/phraselists/conspiracy/weighted
/etc/dansguardian/lists/phraselists/domainsforsale
/etc/dansguardian/lists/phraselists/domainsforsale/weighted
/etc/dansguardian/lists/phraselists/drugadvocacy
/etc/dansguardian/lists/phraselists/drugadvocacy/weighted
/etc/dansguardian/lists/phraselists/forums
/etc/dansguardian/lists/phraselists/forums/weighted
/etc/dansguardian/lists/phraselists/gambling
/etc/dansguardian/lists/phraselists/gambling/banned
/etc/dansguardian/lists/phraselists/gambling/banned_portuguese
/etc/dansguardian/lists/phraselists/gambling/weighted
/etc/dansguardian/lists/phraselists/gambling/weighted_portuguese
/etc/dansguardian/lists/phraselists/games
/etc/dansguardian/lists/phraselists/games/weighted
/etc/dansguardian/lists/phraselists/goodphrases
/etc/dansguardian/lists/phraselists/goodphrases/exception
/etc/dansguardian/lists/phraselists/goodphrases/exception_email
/etc/dansguardian/lists/phraselists/goodphrases/weighted_general
/etc/dansguardian/lists/phraselists/goodphrases/weighted_general_danish
/etc/dansguardian/lists/phraselists/goodphrases/weighted_general_dutch
/etc/dansguardian/lists/phraselists/goodphrases/weighted_general_malay
/etc/dansguardian/lists/phraselists/goodphrases/weighted_general_polish
/etc/dansguardian/lists/phraselists/goodphrases/weighted_general_portuguese
/etc/dansguardian/lists/phraselists/goodphrases/weighted_general_swedish
/etc/dansguardian/lists/phraselists/goodphrases/weighted_news
/etc/dansguardian/lists/phraselists/googlesearches
/etc/dansguardian/lists/phraselists/googlesearches/banned
/etc/dansguardian/lists/phraselists/gore
/etc/dansguardian/lists/phraselists/gore/weighted
/etc/dansguardian/lists/phraselists/gore/weighted_portuguese
/etc/dansguardian/lists/phraselists/idtheft
/etc/dansguardian/lists/phraselists/idtheft/weighted
/etc/dansguardian/lists/phraselists/illegaldrugs
/etc/dansguardian/lists/phraselists/illegaldrugs/banned
/etc/dansguardian/lists/phraselists/illegaldrugs/weighted
/etc/dansguardian/lists/phraselists/illegaldrugs/weighted_portuguese
/etc/dansguardian/lists/phraselists/intolerance
/etc/dansguardian/lists/phraselists/intolerance/banned_portuguese
/etc/dansguardian/lists/phraselists/intolerance/weighted
/etc/dansguardian/lists/phraselists/intolerance/weighted_portuguese
/etc/dansguardian/lists/phraselists/legaldrugs
/etc/dansguardian/lists/phraselists/legaldrugs/weighted
/etc/dansguardian/lists/phraselists/malware
/etc/dansguardian/lists/phraselists/malware/weighted
/etc/dansguardian/lists/phraselists/music
/etc/dansguardian/lists/phraselists/music/weighted
/etc/dansguardian/lists/phraselists/news
/etc/dansguardian/lists/phraselists/news/weighted
/etc/dansguardian/lists/phraselists/nudism
/etc/dansguardian/lists/phraselists/nudism/weighted
/etc/dansguardian/lists/phraselists/peer2peer
/etc/dansguardian/lists/phraselists/peer2peer/weighted
/etc/dansguardian/lists/phraselists/personals
/etc/dansguardian/lists/phraselists/personals/weighted
/etc/dansguardian/lists/phraselists/personals/weighted_portuguese
/etc/dansguardian/lists/phraselists/pornography
/etc/dansguardian/lists/phraselists/pornography/banned
/etc/dansguardian/lists/phraselists/pornography/banned_portuguese
/etc/dansguardian/lists/phraselists/pornography/weighted
/etc/dansguardian/lists/phraselists/pornography/weighted_chinese
/etc/dansguardian/lists/phraselists/pornography/weighted_danish
/etc/dansguardian/lists/phraselists/pornography/weighted_dutch
/etc/dansguardian/lists/phraselists/pornography/weighted_french
/etc/dansguardian/lists/phraselists/pornography/weighted_german
/etc/dansguardian/lists/phraselists/pornography/weighted_italian
/etc/dansguardian/lists/phraselists/pornography/weighted_japanese
/etc/dansguardian/lists/phraselists/pornography/weighted_malay
/etc/dansguardian/lists/phraselists/pornography/weighted_norwegian
/etc/dansguardian/lists/phraselists/pornography/weighted_polish
/etc/dansguardian/lists/phraselists/pornography/weighted_portuguese
/etc/dansguardian/lists/phraselists/pornography/weighted_russian
/etc/dansguardian/lists/phraselists/pornography/weighted_spanish
/etc/dansguardian/lists/phraselists/pornography/weighted_swedish
/etc/dansguardian/lists/phraselists/proxies
/etc/dansguardian/lists/phraselists/proxies/weighted
/etc/dansguardian/lists/phraselists/rta
/etc/dansguardian/lists/phraselists/rta/banned
/etc/dansguardian/lists/phraselists/safelabel
/etc/dansguardian/lists/phraselists/safelabel/banned
/etc/dansguardian/lists/phraselists/secretsocieties
/etc/dansguardian/lists/phraselists/secretsocieties/weighted
/etc/dansguardian/lists/phraselists/sport
/etc/dansguardian/lists/phraselists/sport/weighted
/etc/dansguardian/lists/phraselists/translation
/etc/dansguardian/lists/phraselists/translation/weighted
/etc/dansguardian/lists/phraselists/travel
/etc/dansguardian/lists/phraselists/travel/weighted
/etc/dansguardian/lists/phraselists/upstreamfilter
/etc/dansguardian/lists/phraselists/upstreamfilter/weighted
/etc/dansguardian/lists/phraselists/violence
/etc/dansguardian/lists/phraselists/violence/weighted
/etc/dansguardian/lists/phraselists/violence/weighted_portuguese
/etc/dansguardian/lists/phraselists/warezhacking
/etc/dansguardian/lists/phraselists/warezhacking/weighted
/etc/dansguardian/lists/phraselists/weapons
/etc/dansguardian/lists/phraselists/weapons/weighted
/etc/dansguardian/lists/phraselists/weapons/weighted_portuguese
/etc/dansguardian/lists/phraselists/webmail
/etc/dansguardian/lists/phraselists/webmail/weighted
/etc/dansguardian/lists/pics
/etc/dansguardian/lists/urlregexplist
/etc/dansguardian/lists/weightedphraselist
/etc/httpd/conf.d/dansguardian.conf
/etc/logrotate.d/dansguardian
/etc/rc.d/init.d/dansguardian
/usr/sbin/dansguardian
/usr/share/dansguardian
/usr/share/dansguardian/dansguardian.pl
/usr/share/dansguardian/languages
/usr/share/dansguardian/languages/arspanish
/usr/share/dansguardian/languages/arspanish/fancydmtemplate.html
/usr/share/dansguardian/languages/arspanish/messages
/usr/share/dansguardian/languages/arspanish/template.html
/usr/share/dansguardian/languages/bulgarian
/usr/share/dansguardian/languages/bulgarian/fancydmtemplate.html
/usr/share/dansguardian/languages/bulgarian/messages
/usr/share/dansguardian/languages/bulgarian/template.html
/usr/share/dansguardian/languages/chinesebig5
/usr/share/dansguardian/languages/chinesebig5/fancydmtemplate.html
/usr/share/dansguardian/languages/chinesebig5/messages
/usr/share/dansguardian/languages/chinesebig5/template.html
/usr/share/dansguardian/languages/chinesegb2312
/usr/share/dansguardian/languages/chinesegb2312/fancydmtemplate.html
/usr/share/dansguardian/languages/chinesegb2312/messages
/usr/share/dansguardian/languages/chinesegb2312/template.html
/usr/share/dansguardian/languages/czech
/usr/share/dansguardian/languages/czech/fancydmtemplate.html
/usr/share/dansguardian/languages/czech/messages
/usr/share/dansguardian/languages/czech/template.html
/usr/share/dansguardian/languages/danish
/usr/share/dansguardian/languages/danish/fancydmtemplate.html
/usr/share/dansguardian/languages/danish/messages
/usr/share/dansguardian/languages/danish/template.html
/usr/share/dansguardian/languages/dutch
/usr/share/dansguardian/languages/dutch/fancydmtemplate.html
/usr/share/dansguardian/languages/dutch/messages
/usr/share/dansguardian/languages/dutch/template.html
/usr/share/dansguardian/languages/french
/usr/share/dansguardian/languages/french/fancydmtemplate.html
/usr/share/dansguardian/languages/french/messages
/usr/share/dansguardian/languages/french/template.html
/usr/share/dansguardian/languages/german
/usr/share/dansguardian/languages/german/fancydmtemplate.html
/usr/share/dansguardian/languages/german/messages
/usr/share/dansguardian/languages/german/template.html
/usr/share/dansguardian/languages/hebrew
/usr/share/dansguardian/languages/hebrew/fancydmtemplate.html
/usr/share/dansguardian/languages/hebrew/messages
/usr/share/dansguardian/languages/hebrew/template.html
/usr/share/dansguardian/languages/hungarian
/usr/share/dansguardian/languages/hungarian/fancydmtemplate.html
/usr/share/dansguardian/languages/hungarian/messages
/usr/share/dansguardian/languages/hungarian/template.html
/usr/share/dansguardian/languages/indonesian
/usr/share/dansguardian/languages/indonesian/fancydmtemplate.html
/usr/share/dansguardian/languages/indonesian/messages
/usr/share/dansguardian/languages/indonesian/template.html
/usr/share/dansguardian/languages/italian
/usr/share/dansguardian/languages/italian/fancydmtemplate.html
/usr/share/dansguardian/languages/italian/messages
/usr/share/dansguardian/languages/italian/template.html
/usr/share/dansguardian/languages/japanese
/usr/share/dansguardian/languages/japanese/fancydmtemplate.html
/usr/share/dansguardian/languages/japanese/messages
/usr/share/dansguardian/languages/japanese/template.html
/usr/share/dansguardian/languages/lithuanian
/usr/share/dansguardian/languages/lithuanian/fancydmtemplate.html
/usr/share/dansguardian/languages/lithuanian/messages
/usr/share/dansguardian/languages/lithuanian/template.html
/usr/share/dansguardian/languages/malay
/usr/share/dansguardian/languages/malay/fancydmtemplate.html
/usr/share/dansguardian/languages/malay/messages
/usr/share/dansguardian/languages/malay/template.html
/usr/share/dansguardian/languages/mxspanish
/usr/share/dansguardian/languages/mxspanish/fancydmtemplate.html
/usr/share/dansguardian/languages/mxspanish/messages
/usr/share/dansguardian/languages/mxspanish/template.html
/usr/share/dansguardian/languages/polish
/usr/share/dansguardian/languages/polish/fancydmtemplate.html
/usr/share/dansguardian/languages/polish/messages
/usr/share/dansguardian/languages/polish/template.html
/usr/share/dansguardian/languages/portuguese
/usr/share/dansguardian/languages/portuguese/fancydmtemplate.html
/usr/share/dansguardian/languages/portuguese/messages
/usr/share/dansguardian/languages/portuguese/template.html
/usr/share/dansguardian/languages/ptbrazilian
/usr/share/dansguardian/languages/ptbrazilian/fancydmtemplate.html
/usr/share/dansguardian/languages/ptbrazilian/messages
/usr/share/dansguardian/languages/ptbrazilian/template.html
/usr/share/dansguardian/languages/russian-1251
/usr/share/dansguardian/languages/russian-1251/fancydmtemplate.html
/usr/share/dansguardian/languages/russian-1251/messages
/usr/share/dansguardian/languages/russian-1251/template.html
/usr/share/dansguardian/languages/russian-koi8-r
/usr/share/dansguardian/languages/russian-koi8-r/fancydmtemplate.html
/usr/share/dansguardian/languages/russian-koi8-r/messages
/usr/share/dansguardian/languages/russian-koi8-r/template.html
/usr/share/dansguardian/languages/slovak
/usr/share/dansguardian/languages/slovak/fancydmtemplate.html
/usr/share/dansguardian/languages/slovak/messages
/usr/share/dansguardian/languages/slovak/template.html
/usr/share/dansguardian/languages/spanish
/usr/share/dansguardian/languages/spanish/fancydmtemplate.html
/usr/share/dansguardian/languages/spanish/messages
/usr/share/dansguardian/languages/spanish/template.html
/usr/share/dansguardian/languages/swedish
/usr/share/dansguardian/languages/swedish/fancydmtemplate.html
/usr/share/dansguardian/languages/swedish/messages
/usr/share/dansguardian/languages/swedish/template.html
/usr/share/dansguardian/languages/turkish
/usr/share/dansguardian/languages/turkish/fancydmtemplate.html
/usr/share/dansguardian/languages/turkish/messages
/usr/share/dansguardian/languages/turkish/template.html
/usr/share/dansguardian/languages/ukenglish
/usr/share/dansguardian/languages/ukenglish/fancydmtemplate.html
/usr/share/dansguardian/languages/ukenglish/messages
/usr/share/dansguardian/languages/ukenglish/template.html
/usr/share/dansguardian/transparent1x1.gif
/usr/share/doc/dansguardian-2.10.1.1
/usr/share/doc/dansguardian-2.10.1.1/AuthPlugins
/usr/share/doc/dansguardian-2.10.1.1/COPYING
/usr/share/doc/dansguardian-2.10.1.1/ContentScanners
/usr/share/doc/dansguardian-2.10.1.1/DownloadManagers
/usr/share/doc/dansguardian-2.10.1.1/FAQ
/usr/share/doc/dansguardian-2.10.1.1/FAQ.html
/usr/share/doc/dansguardian-2.10.1.1/INSTALL
/usr/share/doc/dansguardian-2.10.1.1/Plugins
/usr/share/doc/dansguardian-2.10.1.1/README
/usr/share/doc/dansguardian-2.10.1.1/UPGRADING
/usr/share/man/man8/dansguardian.8.gz
/var/log/dansguardian

Konfiguration

Nach der Installation von DansGuardian befindet sich die eigentlichen Konfigurationsdateien im Verzeichnis

  • /etc/dansguardian

Weitere wichtige Bestandteile sind noch:

  • /etc/httpd/conf.d/dansguardian.conf
  • /etc/logrotate.d/dansguardian
  • /etc/rc.d/init.d/dansguardian
  • :!: /usr/share/dansguardian/dansguardian.pl

Log-Informationen von DansGuardian werden in

  • /var/log/dansguardian

abgelegt.

Bevor die wichtigsten Konfigurationsdateien genauer betrachtet werden sollen, hier noch Detailinformationen zu den weiteren wichtigen Bestandteilen.

Die Konfigurationsdatei /etc/httpd/conf.d/dansguardian.conf könnte wie folgt angepasst werden:

### You may need to include conf.d/dansguardian.conf to make it work.
ScriptAlias /dansguardian/ /usr/share/dansguardian
 
<Directory /usr/share/dansguardian/dansguardian.pl>
        DirectoryIndex dansguardian.pl
        Options ExecCGI
        order deny,allow
        deny from all
        allow from 127.0.0.1
</Directory>

* Dies ist der Aufruf eines Perl-Script /usr/share/dansguardian/dansguardian.pl zur Generierung der HTML-Informationsseite

:!: HINWEIS - Nur relevant, wenn in der Konfigurationsdatei

  • /etc/dansguardian/dansguardian.conf

der Parameter

  • reportinglevel

auf den Wert 1 oder 2 gesetzte werden !!!

Konfigurationsdateien

Nach der Installation des DansGuardian-Paketes sind folgende Konfigurationsdateien von Bedeutung:

  • /etc/dansguardian/dansguardian.conf (Haupt- und Programmkonfigurationsdatei)
  • /etc/dansguardian/dansguardianf1.conf (Filterkonfigurationsdatei)

Zusätzlich sind folgende Verbots-Inhaltsfilterdateien von Bedeutung:

  • /etc/dansguardian/lists/bannedextensionlist (Dateianhänge)
  • /etc/dansguardian/lists/bannediplist (IP-Adressen)
  • /etc/dansguardian/lists/bannedmimetypelist (MIME-Typen)
  • /etc/dansguardian/lists/bannedphraselist (Wortlisten)
  • :!: /etc/dansguardian/lists/bannedregexpheaderlist (RegEx-Header's)
  • /etc/dansguardian/lists/bannedregexpurllist (RegEx-URL's)
  • /etc/dansguardian/lists/bannedsitelist (Seiten)
  • /etc/dansguardian/lists/bannedurllist (URL'S)

und folgende Erlaubnis-Inhaltsfilterdateien von Bedeutung:

  • :!: /etc/dansguardian/lists/exceptionextensionlist (Datei-Endungen)
  • :!: /etc/dansguardian/lists/exceptionfilesitelist (Seiten)
  • :!: /etc/dansguardian/lists/exceptionfileurllist (URL's)
  • /etc/dansguardian/lists/exceptioniplist (IP-Adressen)
  • :!: /etc/dansguardian/lists/exceptionmimetypelist (Datei-Typen)
  • /etc/dansguardian/lists/exceptionphraselist (Wortlisten)
  • :!: /etc/dansguardian/lists/exceptionregexpurllist (RegEx-URL's)
  • /etc/dansguardian/lists/exceptionsitelist (Seiten)
  • /etc/dansguardian/lists/exceptionurllist (URL's)

und folgende Sonstige-Inhaltsfilterdateien von Bedeutung:

  • /etc/dansguardian/lists/contentregexplist (Ersetzt/Zensiert Wörter)
  • /etc/dansguardian/lists/filtergroupslist (Gruppenfilter)
  • /etc/dansguardian/lists/greysitelist (Als unerwünschte Seiten im Internet gelistet)
  • /etc/dansguardian/lists/greyurllist (Als unerwünschte URL's im Internet gelistet)
  • /etc/dansguardian/lists/headerregexplist (RegEx-Header Manipulationen ausgehender Verkehr)
  • /etc/dansguardian/lists/logregexpurllist (RegEx-URL's zur erweiterten LOG-Analyse)
  • /etc/dansguardian/lists/logsitelist (Seiten zur erweiterten LOG-Analyse)
  • /etc/dansguardian/lists/logurllist (URL's zur erweiterten LOG-Analyse)
  • /etc/dansguardian/lists/pics (Bildüberprüfungsparameter)
  • /etc/dansguardian/lists/urlregexplist (RegEx-URL's Modifizierung unerwünschten Inhalts)

Konfigurationsdatei /etc/dansguardian/dansguardian.conf

Da die Konfigurationsdatei /etc/dansguardian/dansguardian.conf aufgrund von doch einigen Kommentar- und Leerzeichen sehr schnell an Übersichtlichkeit verliert, kann mit folgendem Befehl eine Ausgabe ohne Kommentar- und Leerzeilen erzeugt werden, welche dann nach der Grundinstallation von DansGuardian wie folgt aussehen sollte:

# egrep -v '(^#|^$)' /etc/dansguardian/dansguardian.conf
Die Konfigurationsdatei /etc/dansguardian/dansguardian.conf ohne Kommentar- und Leerzeichen:
# egrep -v '(^#|^$)' /etc/dansguardian/dansguardian.conf
reportinglevel = 3
languagedir = '/usr/share/dansguardian/languages'
language = 'ukenglish'
loglevel = 2
logexceptionhits = 2
logfileformat = 1
filterip =
filterport = 8080
proxyip = 127.0.0.1
proxyport = 3128
originalip = on
accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
nonstandarddelimiter = on
usecustombannedimage = on
custombannedimagefile = '/usr/share/dansguardian/transparent1x1.gif'
filtergroups = 1
filtergroupslist = '/etc/dansguardian/lists/filtergroupslist'
bannediplist = '/etc/dansguardian/lists/bannediplist'
exceptioniplist = '/etc/dansguardian/lists/exceptioniplist'
showweightedfound = on
weightedphrasemode = 2
urlcachenumber = 1000
urlcacheage = 900
scancleancache = on
phrasefiltermode = 2
preservecase = 0
hexdecodecontent = off
forcequicksearch = off
reverseaddresslookups = off
reverseclientiplookups = off
logclienthostnames = off
createlistcachefiles = on
maxuploadsize = -1
maxcontentfiltersize = 256
maxcontentramcachescansize = 2000
maxcontentfilecachescansize = 20000
filecachedir = '/tmp'
deletedownloadedtempfiles = on
initialtrickledelay = 20
trickledelay = 10
downloadmanager = '/etc/dansguardian/downloadmanagers/fancy.conf'
downloadmanager = '/etc/dansguardian/downloadmanagers/default.conf'
contentscannertimeout = 60
contentscanexceptions = off
recheckreplacedurls = off
forwardedfor = off
usexforwardedfor = off
logconnectionhandlingerrors = on
logchildprocesshandling = off
maxchildren = 120
minchildren = 8
minsparechildren = 4
preforkchildren = 6
maxsparechildren = 32
maxagechildren = 500
maxips = 0
ipcfilename = '/tmp/.dguardianipc'
urlipcfilename = '/tmp/.dguardianurlipc'
ipipcfilename = '/tmp/.dguardianipipc'
nodaemon = off
nologger = off
logadblocks = off
loguseragent = off
softrestart = off
mailer = '/usr/sbin/sendmail -t'

Änderungen an /etc/dansguardian/dansguardian.conf

Änderung der Sprache auf deutsch:

  • language = 'german'

Auskommentierung aufgehoben für den Speicherort der Log-Datei:

  • loglocation = '/var/log/dansguardian/access.log'

Filter für die IP-Adresse, an der der DansGuardian lauschen soll (:!: es ist nur eine möglich):

  • filterip = 192.168.0.1

Pfad zum Script /var/www/dansguardian/dansguardian.pl:

Änderung des Parameterwertes (:!: gegen die Empfehlung, da sonst das Download-Manager-Plugin „fancy“ NICHT funktioniert !!!)

  • initialtrickledelay = 2

Änderung des Parameterwertes (:!: gegen die Empfehlung, da sonst das Download-Manager-Plugin „fancy“ NICHT funktioniert !!!)

  • trickledelay = 1

Auskommentierung aufgehoben zur Anzeige von Benutzerkennungen im Log-File (:!: Es wird ebenfalls squid als Proxy verwendet):

  • authplugin = '/etc/dansguardian/authplugins/proxy-basic.conf'

Änderung der Einstellung für „x-forward“ der unrsprünglichen IP-Adresse des Clients und nicht der des DansGuardian zum HTTP-Header

  • forwardedfor = on

Änderung der Einstellung für „x-forward“ der unrsprünglichen IP-Adresse des Clients und nicht der des DansGuardian zur Auswertung durch einen nachgelagerten Proxy-Server wie z.B. Squid

  • usexforwardedfor = on

Auskommentierung aufgehoben für den Speicherort der PID-Datei (DansGuardian Laufzeit-Nummer)

  • pidfilename = '/var/run/dansguardian.pid'

Konfigurationsdatei /etc/dansguardian/dansguardianf1.conf

Die Konfigurationsdatei /etc/dansguardian/dansguardianf1.conf welche dann nach der Grundinstallation von DansGuardian wie folgt aussieht, wird folgendermaßen angepasst:

groupmode = 1
bannedphraselist = '/etc/dansguardian/lists/bannedphraselist'
weightedphraselist = '/etc/dansguardian/lists/weightedphraselist'
exceptionphraselist = '/etc/dansguardian/lists/exceptionphraselist'
bannedsitelist = '/etc/dansguardian/lists/bannedsitelist'
greysitelist = '/etc/dansguardian/lists/greysitelist'
exceptionsitelist = '/etc/dansguardian/lists/exceptionsitelist'
bannedurllist = '/etc/dansguardian/lists/bannedurllist'
greyurllist = '/etc/dansguardian/lists/greyurllist'
exceptionurllist = '/etc/dansguardian/lists/exceptionurllist'
exceptionregexpurllist = '/etc/dansguardian/lists/exceptionregexpurllist'
bannedregexpurllist = '/etc/dansguardian/lists/bannedregexpurllist'
picsfile = '/etc/dansguardian/lists/pics'
contentregexplist = '/etc/dansguardian/lists/contentregexplist'
urlregexplist = '/etc/dansguardian/lists/urlregexplist'
blockdownloads = off
exceptionextensionlist = '/etc/dansguardian/lists/exceptionextensionlist'
exceptionmimetypelist = '/etc/dansguardian/lists/exceptionmimetypelist'
bannedextensionlist = '/etc/dansguardian/lists/bannedextensionlist'
bannedmimetypelist = '/etc/dansguardian/lists/bannedmimetypelist'
exceptionfilesitelist = '/etc/dansguardian/lists/exceptionfilesitelist'
exceptionfileurllist = '/etc/dansguardian/lists/exceptionfileurllist'
headerregexplist = '/etc/dansguardian/lists/headerregexplist'
bannedregexpheaderlist = '/etc/dansguardian/lists/bannedregexpheaderlist'
naughtynesslimit = 50
categorydisplaythreshold = 0
embeddedurlweight = 0
enablepics = off
bypass = 0
bypasskey = ''
infectionbypass = 0
infectionbypasskey = ''
infectionbypasserrorsonly = on
disablecontentscan = off
deepurlanalysis = off
usesmtp = off
mailfrom = ''
avadmin = ''
contentadmin = ''
avsubject = 'dansguardian virus block'
contentsubject = 'dansguardian violation'
notifyav = off
notifycontent = off
thresholdbyuser = off
violations = 0
threshold = 0

Änderungen an /etc/dansguardian/dansguardianf1.conf

Änderung des Bewertungsschwellwertes:

  • naughtynesslimit = 100

Konfiguration von Filtergruppen

Unter der Konfiguration von Filtergruppen ist hier das unterschiedliche behandeln von Personen, je nach dem in welcher Filtergruppe diese sind, gemeint. Ein Beispiel wäre:

  • Eltern –> Filtergruppe 1
  • Kinder –> Filtergruppe 2

oder vergleichbare Szenarien, in denen Personen unterschiedliche rechte haben sollen, was das Filtern des Inhalts der Seiten durch DansGuardian betrifft.

Um dies zu bewerkstelligen sind folgende Anpassungen an der bisherigen Konfiguration notwendig:

  1. Anpassen der dansguardian.conf um weitere Parameter
  2. Anpassen der filtergrouplist um weitere Parameter
  3. Erstellen einer weiteren dansguardianf<Nummer>.conf-Datei (hier z.B. dansguardianf2.conf)
  4. Neuerstellung von Banned- und Exception-Dateien

Filtergruppen: dansguardian.conf

Folgende zusätzlich Anpassungen an der Konfigurationsdatei /etc/dansguardian/dansguardian.conf von DansGuardian sind erforderlich (nur relevanter Ausschnitt):

...
# Filter groups options
# filtergroups sets the number of filter groups. A filter group is a set of content
# filtering options you can apply to a group of users.  The value must be 1 or more.
# DansGuardian will automatically look for dansguardianfN.conf where N is the filter
# group.  To assign users to groups use the filtergroupslist option.  All users default
# to filter group 1.  You must have some sort of authentication to be able to map users
# to a group.  The more filter groups the more copies of the lists will be in RAM so
# use as few as possible.
# Tachtler
# default: filtergroups = 1
filtergroups = 3
filtergroupslist = '/etc/dansguardian/lists/filtergroupslist'
...

Filtergruppen: filtergroupslist

Folgende Änderungen sind an der /etc/dansguardian/filtergroupslist von DansGuardian notwendig (komplette Konfigurationsdatei):

# Filter Groups List file for DansGuardian
#
# Format is <user>=filter<1-99> where 1-99 are the groups
#
# Eg:
# daniel=filter2
#
# This file is only of use if you have more than 1 filter group
#
 
# Tachtler
klaus=filter2

Filtergruppen: dansguardianf2.conf

Zuerst kann durch kopieren der bestehenden Konfigurationsdatei /etc/dansguardian/dansguardianf1.conf von DansGuardian mit nachfolgendem Befehl eine weitere mit dem Namen /etc/dansguardian/dansguardianf2.conf erstellt werden:

# cp -a /etc/dansguardian/dansguardianf1.conf /etc/dansguardian/dansguardianf2.conf

Hier können dann die entsprechenden Banned- und Exception-Dateien entsprechend neu angegeben werden (siehe die Ergänzung _f2):

# egrep -v '(^#|^$)' /etc/dansguardian/dansguardianf2.conf
groupmode = 1
bannedphraselist = '/etc/dansguardian/lists/bannedphraselist_f2'
weightedphraselist = '/etc/dansguardian/lists/weightedphraselist_f2'
exceptionphraselist = '/etc/dansguardian/lists/exceptionphraselist_f2'
bannedsitelist = '/etc/dansguardian/lists/bannedsitelist_f2'
greysitelist = '/etc/dansguardian/lists/greysitelist_f2'
exceptionsitelist = '/etc/dansguardian/lists/exceptionsitelist_f2'
bannedurllist = '/etc/dansguardian/lists/bannedurllist_f2'
greyurllist = '/etc/dansguardian/lists/greyurllist_f2'
exceptionurllist = '/etc/dansguardian/lists/exceptionurllist_f2'
exceptionregexpurllist = '/etc/dansguardian/lists/exceptionregexpurllist_f2'
bannedregexpurllist = '/etc/dansguardian/lists/bannedregexpurllist_f2'
picsfile = '/etc/dansguardian/lists/pics_f2'
contentregexplist = '/etc/dansguardian/lists/contentregexplist_f2'
urlregexplist = '/etc/dansguardian/lists/urlregexplist_f2'
blockdownloads = off
exceptionextensionlist = '/etc/dansguardian/lists/exceptionextensionlist_f2'
exceptionmimetypelist = '/etc/dansguardian/lists/exceptionmimetypelist_f2'
bannedextensionlist = '/etc/dansguardian/lists/bannedextensionlist_f2'
bannedmimetypelist = '/etc/dansguardian/lists/bannedmimetypelist_f2'
exceptionfilesitelist = '/etc/dansguardian/lists/exceptionfilesitelist_f2'
exceptionfileurllist = '/etc/dansguardian/lists/exceptionfileurllist_f2'
headerregexplist = '/etc/dansguardian/lists/headerregexplist_f2'
bannedregexpheaderlist = '/etc/dansguardian/lists/bannedregexpheaderlist_f2'
naughtynesslimit = 100
categorydisplaythreshold = 0
embeddedurlweight = 0
enablepics = off
bypass = 0
bypasskey = ''
infectionbypass = 0
infectionbypasskey = ''
infectionbypasserrorsonly = on
disablecontentscan = off
deepurlanalysis = off
htmltemplate = 'templatef2.html'
usesmtp = off
mailfrom = ''
avadmin = ''
contentadmin = ''
avsubject = 'dansguardian virus block'
contentsubject = 'dansguardian violation'
notifyav = off
notifycontent = off
thresholdbyuser = off
violations = 0
threshold = 0

Änderungen an /etc/dansguardian/dansguardianf2.conf

Anzeige einer anderen HTML-Datei als bei der Standard-Konfiguration:

  • htmltemplate = 'template_f2.html'

Filtergruppen: Dansguardian Neustart

Ein Möglichkeit den DansGuardian neu zu starten, dabei aber

  • die vorhandenen Verbindungen nicht zu unterbrechen
  • und nur die neuen Filter-Regeln zu laden

kann mit folgendem Befehl erreicht werden:

# /usr/sbin/dansguardian -g

Filtergruppen: Banned- und Exception-Dateien

:!: Dies ist ein Beispiel für die Anpassungen an der Konfigurationsdatei /etc/dansguardian/bannedsitelist_f2 von DansGuardian für die hier - individuell gesperrten Seiten der Filtergruppe 2 - können wie folgt aussehen (nur relevanter Ausschnitt):

#domains in banned list
#Don't bother with the www. or the http://
 
#The bannedurllist is for blocking PART of a site
#The bannedsitelist is for blocking ALL of a site
 
#As of DansGuardian 2.7.3 you can now include
#.tld so for example you can match .gov for example
 
#The 'grey' lists override the 'banned' lists.
#The 'exception' lists override the 'banned' lists also.
#The difference is that the 'exception' lists completely switch
#off *all* other filtering for the match.  'grey' lists only
#stop the URL filtering and allow the normal filtering to work.
 
#An example of grey list use is when in Blanket Block (whitelist)
#mode and you want to allow some sites but still filter as normal
#on their content
 
#Another example of grey list use is when you ban a site but want
#to allow part of it.
 
#To include additional files in this list use this example:
#.Include</etc/dansguardian/anotherbannedurllist>
 
#You can have multiple .Includes.
 
# Time limiting syntax:
# #time: <start hour> <start minute> <end hour> <end minute> <days>
# Example:
##time: 9 0 17 0 01234
# Remove the first # from the line above to enable this list only from
# 9am to 5pm, Monday to Friday.
 
# List categorisation
#listcategory: "Banned Sites"
 
#List other sites to block:
 
badboys.com
 
#Tachtler
lokalisten.de
 
...

Filtergruppen: Dansguardian Neustart

Ein Möglichkeit den DansGuardian neu zu starten, dabei aber

  • die vorhandenen Verbindungen nicht zu unterbrechen
  • und nur die neuen Filter-Regeln zu laden

kann mit folgendem Befehl erreicht werden:

# /usr/sbin/dansguardian -g

Konfiguration von "Bypass"

Unter einem sogenannten „Bypass“ wird im DansGuardian die Möglichkeit verstanden, beim erscheinen der „Access Denied“ (Zugriff verweigert-Seite) einen Link auf dieser Seite anzuklicken, um dann ein Passwort einzugeben und damit dann die Seite doch für einen gewissen Zeitraum angezeigt zu bekommen, obwohl diese durch die exception-Dateien eigentlich gesperrt ist.

:!: Um DansGuardian zu so einem Verhalten zu veranlassen, sind folgende Schritte notwendig:

  1. Die Freigabe auf eine Filtergruppe beschränken
  2. Anpassungen an der dansguardianf<Nummer>.conf-Datei um weitere Parameter
  3. Die entsprechende HTML-Datei anpassen - template.html, welche den entsprechendem -BYPASS- Link enthält

Bypass: Freigabe Filtergruppe

Zur Erstellung einer entsprechenden Filtergruppe - kann folgendes Vorgehen gewählt werden Konfiguration von Filtergruppen

Bypass: dansguardianf2.conf

In diesem Beispiel wird die Konfigurationsdatei /etc/dansguardian/dansguardianf2.conf verwendet und um folgenden Parameter erweitert (nur relevanter Ausschnitt):

...
# Temporary Denied Page Bypass
# It provides a link on the denied page to bypass the ban for a few minutes.  To be
# secure it uses a random hashed secret generated at daemon startup.  You define the
# number of seconds the bypass will function for before the deny will appear again.
# To allow the link on the denied page to appear you will need to edit the template.html
# or dansguardian.pl file for your language.
# 300 = enable for 5 minutes
# 0 = disable ( defaults to 0 )
# -1 = enable but you require a seperate program to generate a valid link
# Tachtler
# default: bypass = 0
bypass = 300
 
# Temporary Denied Page Bypass Secret Key
# Rather than generating a random key you can specify one.  It must be more than 8 chars.
# '' = generate a random one (recommended and default)
# 'Mary had a little lamb.' = an example
# '76b42abc1cd0fdcaf6e943dcbc93b826' = an example
bypasskey = ''

Bypass: Anpassung template.html

Folgender Link kann mit nachfolgendem HTML-Code auf der HTML-Seite „Access Denied“ (Zugriff verweigert-Seite) eingefügt werden:

...
        <br><br>
        Zeitlich begrenzten Zugriff auf diese Seite trotzdem durchführen <a href="-BYPASS-">Bypass</a>
        <br><br><br><br>
...

:!: Abschließend ist ein Neustart des DansGuardian mit nachfolgendem Befehl notwendig:

# service dansguardian restart
Shutting down Web Content Filter (dansguardian):           [  OK  ]
Starting Web Content Filter (dansguardian):                [  OK  ]

Blacklists einbinden

Beim DansGuardian besteht weiterhin die Möglichkeit „Blacklists“ (Listen mit unerwünschten/erwünschten) Seiten einzubinden.

Ein Sammlung, allerdings kostenpflichtig, kann unter folgender Adresse heruntergeladen werden:

Nach dem erfolgreichen herunterladen der Datei bigblacklist.tar.gzin das Verzeichnis /tmp kann diese Datei mit folgendem Befehl entpackt werden:

# tar xzfv bigblacklist.tar.gz

Anschließend ist das Verzeichnis /tmp/bigblacklist entstanden, welches mit folgendem Befehl in das Verzeichnis /etc/dansguardian/lists kopiert werden kann:

# cp -ar /tmp/blacklists/ /etc/dansguardian/lists/
cp: overwrite `/etc/dansguardian/lists/blacklists/ads/domains'? y
cp: overwrite `/etc/dansguardian/lists/blacklists/ads/urls'? y

Mit nachfolgendem Befehl, werden noch die richtigen Benutzerrechte gesetzt:

# chown -R root.root /etc/dansguardian/lists/blacklists/

Der Inhalt des so entstandenen Verzeichnisses mit dem Namen /etc/dansguardian/lists/blacklists hat aktuell (bei Erstellung dieser Dokumentation) folgenden Inhalt an Verzeichnissen (90 Verzeichnisse, eine Kategoriendatei):

# ls -l
total 364
drwxr-xr-x 2 root root 4096 Jan  4 06:19 abortion
drwxr-xr-x 2 root root 4096 Jan  4 15:20 ads
drwxr-xr-x 2 root root 4096 Jan  4 06:19 adult
drwxr-xr-x 2 root root 4096 Jan  4 06:19 aggressive
drwxr-xr-x 2 root root 4096 Jan  4 06:19 alcohol
drwxr-xr-x 2 root root 4096 Jan  4 06:19 antispyware
drwxr-xr-x 2 root root 4096 Jan  4 06:19 artnudes
drwxr-xr-x 2 root root 4096 Jan  4 06:19 astrology
drwxr-xr-x 2 root root 4096 Jan  4 06:19 audio-video
drwxr-xr-x 2 root root 4096 Jan  4 06:19 banking
drwxr-xr-x 2 root root 4096 Jan  4 06:19 beerliquorinfo
drwxr-xr-x 2 root root 4096 Jan  4 06:19 beerliquorsale
drwxr-xr-x 2 root root 4096 Jan  4 06:19 blog
drwxr-xr-x 2 root root 4096 Jan  4 06:19 books
-rw-r--r-- 1 root root 4391 Jan  4 06:19 CATEGORIES
drwxr-xr-x 2 root root 4096 Jan  4 06:19 celebrity
drwxr-xr-x 2 root root 4096 Jan  4 06:19 cellphones
drwxr-xr-x 2 root root 4096 Jan  4 06:19 chat
drwxr-xr-x 2 root root 4096 Jan  4 06:19 child
drwxr-xr-x 2 root root 4096 Jan  4 06:19 childcare
drwxr-xr-x 2 root root 4096 Jan  4 06:19 cleaning
drwxr-xr-x 2 root root 4096 Jan  4 06:19 clothing
drwxr-xr-x 2 root root 4096 Jan  4 06:19 contraception
drwxr-xr-x 2 root root 4096 Jan  4 06:19 culinary
drwxr-xr-x 2 root root 4096 Jan  4 06:19 dating
drwxr-xr-x 2 root root 4096 Jan  4 06:19 desktopsillies
drwxr-xr-x 2 root root 4096 Jan  4 06:19 dialers
drwxr-xr-x 2 root root 4096 Jan  4 06:19 drugs
drwxr-xr-x 2 root root 4096 Jan  4 06:19 ecommerce
drwxr-xr-x 2 root root 4096 Jan  4 06:19 entertainment
drwxr-xr-x 2 root root 4096 Jan  4 06:19 filehosting
drwxr-xr-x 2 root root 4096 Jan  4 06:19 filesharing
drwxr-xr-x 2 root root 4096 Jan  4 06:19 financial
drwxr-xr-x 2 root root 4096 Jan  4 06:19 frencheducation
drwxr-xr-x 2 root root 4096 Jan  4 06:19 gambling
drwxr-xr-x 2 root root 4096 Jan  4 06:19 games
drwxr-xr-x 2 root root 4096 Jan  4 06:19 gardening
drwxr-xr-x 2 root root 4096 Jan  4 06:19 government
drwxr-xr-x 2 root root 4096 Jan  4 06:19 guns
drwxr-xr-x 2 root root 4096 Jan  4 06:19 hacking
drwxr-xr-x 2 root root 4096 Jan  4 06:19 homerepair
drwxr-xr-x 2 root root 4096 Jan  4 06:19 humor
drwxr-xr-x 2 root root 4096 Jan  4 06:19 hunting
drwxr-xr-x 2 root root 4096 Jan  4 06:19 hygiene
drwxr-xr-x 2 root root 4096 Jan  4 06:19 instantmessaging
drwxr-xr-x 2 root root 4096 Jan  4 06:19 jewelry
drwxr-xr-x 2 root root 4096 Jan  4 06:19 jobsearch
drwxr-xr-x 2 root root 4096 Jan  4 06:19 kidstimewasting
drwxr-xr-x 2 root root 4096 Jan  4 06:19 magazines
drwxr-xr-x 2 root root 4096 Jan  4 06:19 mail
drwxr-xr-x 2 root root 4096 Jan  4 06:19 malware
drwxr-xr-x 2 root root 4096 Jan  4 06:19 manga
drwxr-xr-x 2 root root 4096 Jan  4 06:19 marketingware
drwxr-xr-x 2 root root 4096 Jan  4 06:19 medical
drwxr-xr-x 2 root root 4096 Jan  4 06:19 mixed_adult
drwxr-xr-x 2 root root 4096 Jan  4 06:19 mobile-phone
drwxr-xr-x 2 root root 4096 Jan  4 06:19 naturism
drwxr-xr-x 2 root root 4096 Jan  4 06:19 news
drwxr-xr-x 2 root root 4096 Jan  4 06:19 onlineauctions
drwxr-xr-x 2 root root 4096 Jan  4 06:19 onlinegames
drwxr-xr-x 2 root root 4096 Jan  4 06:19 onlinepayment
drwxr-xr-x 2 root root 4096 Jan  4 06:19 personalfinance
drwxr-xr-x 2 root root 4096 Jan  4 06:19 pets
drwxr-xr-x 2 root root 4096 Jan  4 06:19 phishing
drwxr-xr-x 2 root root 4096 Jan  4 06:19 porn
drwxr-xr-x 2 root root 4096 Jan  4 06:19 press
drwxr-xr-x 2 root root 4096 Jan  4 06:19 proxy
drwxr-xr-x 2 root root 4096 Jan  4 06:19 radio
drwxr-xr-x 2 root root 4096 Jan  4 06:19 reaffected
drwxr-xr-x 2 root root 4096 Jan  4 06:19 religion
drwxr-xr-x 2 root root 4096 Jan  4 06:19 ringtones
drwxr-xr-x 2 root root 4096 Jan  4 06:19 searchengines
drwxr-xr-x 2 root root 4096 Jan  4 06:19 sect
drwxr-xr-x 2 root root 4096 Jan  4 06:19 sexuality
drwxr-xr-x 2 root root 4096 Jan  4 06:19 shopping
drwxr-xr-x 2 root root 4096 Jan  4 06:19 socialnetworking
drwxr-xr-x 2 root root 4096 Jan  4 06:19 sportnews
drwxr-xr-x 2 root root 4096 Jan  4 06:19 sports
drwxr-xr-x 2 root root 4096 Jan  4 06:19 spyware
drwxr-xr-x 2 root root 4096 Jan  4 06:19 tobacco
drwxr-xr-x 2 root root 4096 Jan  4 06:19 updatesites
drwxr-xr-x 2 root root 4096 Jan  4 06:19 vacation
drwxr-xr-x 2 root root 4096 Jan  4 06:19 verisign
drwxr-xr-x 2 root root 4096 Jan  4 06:19 violence
drwxr-xr-x 2 root root 4096 Jan  4 06:19 virusinfected
drwxr-xr-x 2 root root 4096 Jan  4 06:19 warez
drwxr-xr-x 2 root root 4096 Jan  4 06:19 weapons
drwxr-xr-x 2 root root 4096 Jan  4 06:19 weather
drwxr-xr-x 2 root root 4096 Jan  4 06:19 webmail
drwxr-xr-x 2 root root 4096 Jan  4 06:19 whitelist

In der Datei /etc/dansguardian/lists/blacklists/CATEGORIES, ist eine Beschreibung zu jeder der Kategorien hinterlegt. Weiterhin gibt es ein Verzeichnis mit dem Namen /etc/dangsguardian/lists/blacklists/whitelist welches eben wie der Name schon sagt eine Positiv-Liste ist und ebenfalls etwas anders als die anderen Verzeichnisse in den DansGuardian eingebunden werden sollte.

Die Konfiguration bzw. das Einbinden der Domain-Listen aus den einzelnen Verzeichnissen geschieht in der Datei /etc/dansguardian/bannedsitelist. Hier ist ebenfalls schon eine etwas kleinere Liste enthalten, welche aber aufgrund des neuen und aktuelleren Umfangs ignoriert werden sollte, jedoch als Vorlage dienen kann, wie die einzelnen Domain-Listen eingebunden werden können.

Hier ein Konfigurationsbeispiel für das einbinden der Domain-Listen in die DansGuardian-Konfigurationsdatei /etc/dansguardian/lists/bannedsitelist (nur relevanter Ausschnitt):

...
# You will need to edit to add and remove categories you want
 
# Tachtler
# BigBlacklist from 2010-01-04
#.Include</etc/dansguardian/lists/blacklists/abortion/domains>
#.Include</etc/dansguardian/lists/blacklists/ads/domains>
#.Include</etc/dansguardian/lists/blacklists/adult/domains>
#.Include</etc/dansguardian/lists/blacklists/aggressive/domains>
#.Include</etc/dansguardian/lists/blacklists/alcohol/domains>
#.Include</etc/dansguardian/lists/blacklists/antispyware/domains>
#.Include</etc/dansguardian/lists/blacklists/artnudes/domains>
#.Include</etc/dansguardian/lists/blacklists/astrology/domains>
#.Include</etc/dansguardian/lists/blacklists/audio-video/domains>
#.Include</etc/dansguardian/lists/blacklists/banking/domains>
#.Include</etc/dansguardian/lists/blacklists/beerliquorinfo/domains>
#.Include</etc/dansguardian/lists/blacklists/beerliquorsale/domains>
#.Include</etc/dansguardian/lists/blacklists/blog/domains>
#.Include</etc/dansguardian/lists/blacklists/books/domains>
#.Include</etc/dansguardian/lists/blacklists/celebrity/domains>
#.Include</etc/dansguardian/lists/blacklists/cellphones/domains>
#.Include</etc/dansguardian/lists/blacklists/chat/domains>
#.Include</etc/dansguardian/lists/blacklists/child/domains>
#.Include</etc/dansguardian/lists/blacklists/childcare/domains>
#.Include</etc/dansguardian/lists/blacklists/cleaning/domains>
#.Include</etc/dansguardian/lists/blacklists/clothing/domains>
#.Include</etc/dansguardian/lists/blacklists/contraception/domains>
#.Include</etc/dansguardian/lists/blacklists/culinary/domains>
#.Include</etc/dansguardian/lists/blacklists/dating/domains>
#.Include</etc/dansguardian/lists/blacklists/desktopsillies/domains>
#.Include</etc/dansguardian/lists/blacklists/dialers/domains>
#.Include</etc/dansguardian/lists/blacklists/drugs/domains>
#.Include</etc/dansguardian/lists/blacklists/ecommerce/domains>
#.Include</etc/dansguardian/lists/blacklists/entertainment/domains>
#.Include</etc/dansguardian/lists/blacklists/filehosting/domains>
#.Include</etc/dansguardian/lists/blacklists/filesharing/domains>
#.Include</etc/dansguardian/lists/blacklists/financial/domains>
#.Include</etc/dansguardian/lists/blacklists/frencheducation/domains>
#.Include</etc/dansguardian/lists/blacklists/gambling/domains>
#.Include</etc/dansguardian/lists/blacklists/games/domains>
#.Include</etc/dansguardian/lists/blacklists/gardening/domains>
#.Include</etc/dansguardian/lists/blacklists/government/domains>
#.Include</etc/dansguardian/lists/blacklists/guns/domains>
#.Include</etc/dansguardian/lists/blacklists/hacking/domains>
#.Include</etc/dansguardian/lists/blacklists/homerepair/domains>
#.Include</etc/dansguardian/lists/blacklists/humor/domains>
#.Include</etc/dansguardian/lists/blacklists/hunting/domains>
#.Include</etc/dansguardian/lists/blacklists/hygiene/domains>
#.Include</etc/dansguardian/lists/blacklists/instantmessaging/domains>
#.Include</etc/dansguardian/lists/blacklists/jewelry/domains>
#.Include</etc/dansguardian/lists/blacklists/jobsearch/domains>
#.Include</etc/dansguardian/lists/blacklists/kidstimewasting/domains>
#.Include</etc/dansguardian/lists/blacklists/magazines/domains>
#.Include</etc/dansguardian/lists/blacklists/mail/domains>
#.Include</etc/dansguardian/lists/blacklists/malware/domains>
#.Include</etc/dansguardian/lists/blacklists/manga/domains>
#.Include</etc/dansguardian/lists/blacklists/marketingware/domains>
#.Include</etc/dansguardian/lists/blacklists/medical/domains>
#.Include</etc/dansguardian/lists/blacklists/mixed_adult/domains>
#.Include</etc/dansguardian/lists/blacklists/mobile-phone/domains>
#.Include</etc/dansguardian/lists/blacklists/naturism/domains>
#.Include</etc/dansguardian/lists/blacklists/news/domains>
#.Include</etc/dansguardian/lists/blacklists/onlineauction/domains>s
#.Include</etc/dansguardian/lists/blacklists/onlinegames/domains>
#.Include</etc/dansguardian/lists/blacklists/onlinepayment/domains>
#.Include</etc/dansguardian/lists/blacklists/personalfinance/domains>
#.Include</etc/dansguardian/lists/blacklists/pets/domains>
#.Include</etc/dansguardian/lists/blacklists/phishing/domains>
#.Include</etc/dansguardian/lists/blacklists/porn/domains>
#.Include</etc/dansguardian/lists/blacklists/press/domains>
#.Include</etc/dansguardian/lists/blacklists/proxy/domains>
#.Include</etc/dansguardian/lists/blacklists/radio/domains>
#.Include</etc/dansguardian/lists/blacklists/reaffected/domains>
#.Include</etc/dansguardian/lists/blacklists/religion/domains>
#.Include</etc/dansguardian/lists/blacklists/ringtones/domains>
#.Include</etc/dansguardian/lists/blacklists/searchengines/domains>
#.Include</etc/dansguardian/lists/blacklists/sect/domains>
#.Include</etc/dansguardian/lists/blacklists/sexuality/domains>
#.Include</etc/dansguardian/lists/blacklists/shopping/domains>
#.Include</etc/dansguardian/lists/blacklists/socialnetworking/domains>
#.Include</etc/dansguardian/lists/blacklists/sportnews/domains>
#.Include</etc/dansguardian/lists/blacklists/sports/domains>
#.Include</etc/dansguardian/lists/blacklists/spyware/domains>
#.Include</etc/dansguardian/lists/blacklists/tobacco/domains>
#.Include</etc/dansguardian/lists/blacklists/updatesites/domains>
#.Include</etc/dansguardian/lists/blacklists/vacation/domains>
#.Include</etc/dansguardian/lists/blacklists/verisign/domains>
#.Include</etc/dansguardian/lists/blacklists/violence/domains>
#.Include</etc/dansguardian/lists/blacklists/virusinfected/domains>
#.Include</etc/dansguardian/lists/blacklists/warez/domains>
#.Include</etc/dansguardian/lists/blacklists/weapons/domains>
#.Include</etc/dansguardian/lists/blacklists/weather/domains>
#.Include</etc/dansguardian/lists/blacklists/webmail/domains>
...

Die Datei /etc/dansguardian/lists/blacklists/whitelist kann in der DansGuardian-Konfigurationsdatei /etc/dansguardian/lists/exceptionsitelist ebenfalls wie folgt eingebunden werden:

# BigBlackList from 2010-01-04 (whitelist)
.Include</etc/dansguardian/lists/blacklists/whitelist/domains>

Anschließend ist ein neustart des [http://dansguardian.org|DansGuardian]] erforderlich, welcher mit folgendem Befehl durchgeführt werden kann:

# service dansguardian restart

Probleme nach dem einbinden der Blacklists

Evtl. kann es sein, dass auch ein Zugriff auf Google nicht mehr möglich ist. Die ist eine Resultat davon, dass es eine Blacklist gibt in der Suchmaschinen wie Google gelistet sind. Die Datei hat den Namen /etc/dansguardian/lists/blacklists/searchengines/domains.

Das Auffinden von evtl. erwünschten, jedoch gesperrten Seiten kann mit folgendem Befehl durchgeführt werden:

# grep -r google.de /etc/dansguardian/lists/blacklists/*
/etc/dansguardian/lists/blacklists/adult/domains:google-defloration.com
/etc/dansguardian/lists/blacklists/adult/domains:videogoogle.de
/etc/dansguardian/lists/blacklists/adult/urls:google.de/notebook/public/05160677075035842971/bdrkwsgoq2iiezpwj
/etc/dansguardian/lists/blacklists/adult/urls:google.de/notebook/public/09859990722265856606/bdsuciwoqgknn4zwj
/etc/dansguardian/lists/blacklists/adult/urls:google.de/top/adult/arts/performing_arts/acting/porn_stars/female
/etc/dansguardian/lists/blacklists/audio-video/domains:video.google.de
/etc/dansguardian/lists/blacklists/news/domains:news.google.de
/etc/dansguardian/lists/blacklists/religion/urls:books.google.de/books
/etc/dansguardian/lists/blacklists/searchengines/domains:google.de

Abhilfe schafft hier das einfache Auskommentieren der entsprechenden Einträge in den entsprechenden Dateien, hier z.B. /etc/dansguardian/lists/blacklists/searchengines/domains, was wie folgt aussehen kann:

Vorher:

google.de
Nachher:
# google.de

Virenscanner einbinden

Mit der DansGuardian-Version 2.9.0.1 besitzt DansGuardian nun die möglichkeit einen Virenscanner einzubinden.

Im folgenden soll der Virenscanner ClamAV eingebunden werden.

Ein Installationsanleitung kann hier gefunden werden, diese stammt aus der Beschreibung der Installation von ClamAV im Rahmen der Installation von Postfix

Nach erfolgreicher Installation von ClamAV sind folgende Änderungen in den Konfigurationsdateien von DansGuardian durchzuführen:

  • /etc/dansguardian/dansguardian.conf
  • /etc/dansguardian/contentscanners/clamdscan.conf

Folgende Änderungen welche mit

# Tachtler
gekennzeichnet sind, müssen abgeändert werden!

Zuerst die Konfigurationsdatei /etc/dansguardian/dansguardian.conf (nur relevanter Ausschnitt):

...
# Content Scanners (Also known as AV scanners)
# These are plugins that scan the content of all files your browser fetches
# for example to AV scan.  The options are limitless.  Eventually all of
# DansGuardian will be plugin based.  You can have more than one content
# scanner. The plugins are run in the order you specify.
# This is one of the few places you can have multiple options of the same name.
#
# Some of the scanner(s) require 3rd party software and libraries eg clamav.
# See the individual plugin conf file for more options (if any).
#
#!! Not compiled !! contentscanner = '/etc/dansguardian/contentscanners/clamav.conf'
# Tachtler
# default: #contentscanner = '/etc/dansguardian/contentscanners/clamdscan.conf'
contentscanner = '/etc/dansguardian/contentscanners/clamdscan.conf'
#!! Unimplemented !! contentscanner = '/etc/dansguardian/contentscanners/kavav.conf'
#!! Not compiled !! contentscanner = '/etc/dansguardian/contentscanners/kavdscan.conf'
#!! Not compiled !! contentscanner = '/etc/dansguardian/contentscanners/icapscan.conf'
#!! Not compiled !! contentscanner = '/etc/dansguardian/contentscanners/commandlinescan.conf'
...

Anschließend die Konfigurationsdatei /etc/dansguardian/contentscanners/clamdscan.conf:

plugname = 'clamdscan'
 
# edit this to match the location of your ClamD UNIX domain socket
# Tachtler
# default: #clamdudsfile = '/var/run/clamav/clamd.sock'
clamdudsfile = '/var/run/clamav/clamd.sock'
 
# If this string is set, the text it contains shall be removed from the
# beginning of filenames when passing them to ClamD.
# Use it to - for example - support a ClamD running inside a chroot jail:
# if DG's filecachedir is set to "/var/clamdchroot/downloads/" and pathprefix
# is set to "/var/clamdchroot", then file names given to ClamD will be of the
# form "/downloads/tf*" instead of "/var/clamdchroot/downloads/tf*".
#pathprefix = '/var/clamdchroot'
 
exceptionvirusmimetypelist = '/etc/dansguardian/lists/contentscanners/exceptionvirusmimetypelist'
exceptionvirusextensionlist = '/etc/dansguardian/lists/contentscanners/exceptionvirusextensionlist'
exceptionvirussitelist = '/etc/dansguardian/lists/contentscanners/exceptionvirussitelist'
exceptionvirusurllist = '/etc/dansguardian/lists/contentscanners/exceptionvirusurllist'

:!: WICHTIG - Es ist erforderlich, dass die Benutzerkennung unter der der ClamAV läuft, Mitglied in der Gruppe der Benutzergruppe ist, unter der der DansGuardian läuft!

Die Benutzerkennung unter der der ClamAV läuft ist unter CentOS

  • clamav

Die Benutzerkennung unter der der DansGuardian läuft ist unter CentOS

  • dansguardian

Folgender Befehl fügt die Benutzerkennung clamav der Benutzergruppe dansguardian hinzu:

# usermod -a -G dansguardian clamav

Eine Überprüfung, ob das Hinzufügen erfolgreich war, kann mit nachfolgendem Befehl durchgeführt werden:

# cat /etc/group | grep dansguardian
dansguardian:x:497:clamav

:!: Ein Neustart des ClamAV-Daemons mit nachfolgendem Befehl ist notwendig:

# service clamd restart
Stopping Clam AntiVirus Daemon:                            [  OK  ]
Starting Clam AntiVirus Daemon:                            [  OK  ]

:!: Abschließend ist ein Neustart des DansGuardian mit nachfolgendem Befehl notwendig:

# service dansguardian restart
Shutting down Web Content Filter (dansguardian):           [  OK  ]
Starting Web Content Filter (dansguardian):                [  OK  ]

:!: HIWNEIS - Ggf. kann auch ein Neustart des Servers erforderlich sein, wenn z.B. die Fehlermeldung:

  • Could not perform virus scan

erscheinen sollte !!!

Starten des dansguardian-Daemons

Um den DansGuardian zu starten kann folgender Befehl angewandt werden:

# service dansguardian start
Starting Web Content Filter (dansguardian):                [  OK  ]

Um den DansGuardian zu stoppen kann folgender Befehl angewandt werden:

# service danguardian stop
Shutting down Web Content Filter (dansguardian):           [  OK  ]

Eine Überprüfung ob der Start des DansGuardian erfolgreich war kann mit folgendem Befehl durchgeführt werden, welcher nachfolgende Ausgabe erzeugen sollte:

# netstat -tulpen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       User       Inode      PID/Program name             
tcp        0      0 0.0.0.0:8080                0.0.0.0:*                   LISTEN      99         1406112    1042/dansguardian 

Um den dansguardian-Daemon dauerhaft bei jedem Neustart des Rechners automatisch zu starten geben Sie bitte als root folgenden Befehl ein, um zu überprüfen wie die aktuelle Konfiguration des Startverhaltens des aktuellen dansguardian-Daemons aussieht:

# chkconfig --list | grep dansguardian
dansguardian    0:off   1:off   2:off   3:off   4:off   5:off   6:off

Falls die Ausgabe wie oben gezeigt erscheinen sollte, wird der dansguardian-Daemon nicht bei jedem Neustart des Rechners gestartet. Um dies zu ändern geben Sie bitte folgende Befehle ein:

# chkconfig dansguardian on
* Aktivieren des automatischen Startens des dansguardian-Daemons.

Das erneute Eingeben des Befehls zur Überprüfung, wie die aktuelle Konfiguration des Startverhaltens des dansguardian-Daemons aussieht, sollte dann wie folgt erscheinen:

# chkconfig --list | grep dansguardian
dansguardian    0:off   1:off   2:on    3:on    4:on    5:on    6:off

Browserkonfiguration

Bitte stellen Sie die Proxy-Einstellungen Ihres Browsers wie folgt ein:

  • Proxy 127.0.0.1
  • Port 8080

DansGuardian Optimierung

Folgende Standard-Einstellungen in der Konfigurationsdatei /etc/dansguardian/dansguardian.conf führen zu einem durchaus ordentlichen RAM-Speicherverbrauch (nur relevanter Ausschnitt):

...
# Fork pool options
 
# sets the maximum number of processes to sporn to handle the incomming
# connections.  Max value usually 250 depending on OS.
# On large sites you might want to try 180.
# Tachtler
# default: maxchildren = 120
maxchildren = 80
 
 
# sets the minimum number of processes to sporn to handle the incomming connections.
# On large sites you might want to try 32.
# Tachtler
# default: minchildren = 8
minchildren = 4
 
 
# sets the minimum number of processes to be kept ready to handle connections.
# On large sites you might want to try 8.
# Tachtler
# default: minsparechildren = 4
minsparechildren = 2
 
 
# sets the minimum number of processes to sporn when it runs out
# On large sites you might want to try 10.
# Tachtler
# default: preforkchildren = 6
preforkchildren = 4
 
 
# sets the maximum number of processes to have doing nothing.
# When this many are spare it will cull some of them.
# On large sites you might want to try 64.
# Tachtler
# default: maxsparechildren = 32
maxsparechildren = 8
...

:!: Dies führte bei meinem System nach ein paar Tagen Laufzeit bis zu einer Belegung von

  • 25 DansGuardian-Prozessen á 4 MB = 100MB

mit Leerlaufprozessen!

:!: Mit den durch # Tachtler gekennzeichneten Einstellungen, kann bei home-System, wie ich es eines betreibe, der Speicherverbrauch auf

  • 6-8 DansGuardian-Prozessen á 4 MB = max. 32MB

mit Leerlaufprozessen gesenkt werden!

Log Analyzer for DansGuardian

Als zusätzliches Add-on zum DansGuardian kann unter folgender Adresse der „Log Analyzer for DansGuardian“ kostenlos heruntergeladen werden. Auf dieser Seite sind auch Bildschirmkopien zu finden.

Download "Log Analyzer for DansGuardian

Es handelt sich hier um ein Perl-Script welches wie ein CGI-Script durch einen Webserver wie z.B. Apache HTTP Webserver ausgeführt werden kann.

Zu beachten ist, das das Script in einem CGI-Verzeichnis oder einem Verzeichnis auf dem Apache HTTP Webserver zu erreichen sein muss. Evtl. kann auch ein eigener Virtueller Host im Apache HTTP Webserver dafür definiert werden.

Installation Systemvoraussetzungen Log Analyzer for DansGuardian

Zur Installation eines Download "Log Analyzer for DansGuardian" werden nachfolgende Pakete benötigt:

  • perl - ist im base-Repository von CentOS enthalten –> :!: HINWEIS - Meist bereits installiert !!!
  • perl-CGI - ist im base-Repository von CentOS enthalten
  • perl-Compress-Zlib - ist im base-Repository von CentOS enthalten

installiert werden.

Mit nachfolgendem Befehl, wird das Paket perl-CGI installiert:

# yum install perl-CGI
Loaded plugins: fastestmirror, priorities
Loading mirror speeds from cached hostfile
 * base: ftp.plusline.de
 * extras: ftp.plusline.de
 * rpmforge: ftp-stud.fht-esslingen.de
 * updates: ftp.plusline.de
1 packages excluded due to repository priority protections
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package perl-CGI.x86_64 0:3.49-115.el6 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package           Arch            Version                  Repository     Size
================================================================================
Installing:
 perl-CGI          x86_64          3.49-115.el6             base          191 k

Transaction Summary
================================================================================
Install       1 Package(s)
Upgrade       0 Package(s)

Total download size: 191 k
Installed size: 401 k
Is this ok [y/N]: y
Downloading Packages:
perl-CGI-3.49-115.el6.x86_64.rpm                         | 191 kB     00:00     
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : perl-CGI-3.49-115.el6.x86_64                             1/1 

Installed:
  perl-CGI.x86_64 0:3.49-115.el6                                                

Complete!

Mit nachfolgendem Befehl, wird das Paket perl-Compress-Zlib installiert:

# yum install perl-Compress-Zlib
Loaded plugins: fastestmirror, priorities
Loading mirror speeds from cached hostfile
 * base: ftp.plusline.de
 * extras: ftp.plusline.de
 * rpmforge: ftp-stud.fht-esslingen.de
 * updates: ftp.plusline.de
1 packages excluded due to repository priority protections
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package perl-Compress-Zlib.x86_64 0:2.020-115.el6 set to be updated
--> Processing Dependency: perl(Compress::Raw::Zlib) >= 2.020 for package: perl-Compress-Zlib-2.020-115.el6.x86_64
--> Processing Dependency: perl(IO::Uncompress::Gunzip) >= 2.020 for package: perl-Compress-Zlib-2.020-115.el6.x86_64
--> Processing Dependency: perl(IO::Compress::Gzip) >= 2.020 for package: perl-Compress-Zlib-2.020-115.el6.x86_64
--> Processing Dependency: perl(IO::Compress::Base::Common) >= 2.020 for package: perl-Compress-Zlib-2.020-115.el6.x86_64
--> Processing Dependency: perl(IO::Compress::Gzip::Constants) >= 2.020 for package: perl-Compress-Zlib-2.020-115.el6.x86_64
--> Running transaction check
---> Package perl-Compress-Raw-Zlib.x86_64 0:2.023-115.el6 set to be updated
---> Package perl-IO-Compress-Base.x86_64 0:2.020-115.el6 set to be updated
---> Package perl-IO-Compress-Zlib.x86_64 0:2.020-115.el6 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package                      Arch         Version             Repository  Size
================================================================================
Installing:
 perl-Compress-Zlib           x86_64       2.020-115.el6       base        42 k
Installing for dependencies:
 perl-Compress-Raw-Zlib       x86_64       2.023-115.el6       base        66 k
 perl-IO-Compress-Base        x86_64       2.020-115.el6       base        65 k
 perl-IO-Compress-Zlib        x86_64       2.020-115.el6       base       132 k

Transaction Summary
================================================================================
Install       4 Package(s)
Upgrade       0 Package(s)

Total download size: 305 k
Installed size: 689 k
Is this ok [y/N]: y
Downloading Packages:
(1/4): perl-Compress-Raw-Zlib-2.023-115.el6.x86_64.rpm   |  66 kB     00:00     
(2/4): perl-Compress-Zlib-2.020-115.el6.x86_64.rpm       |  42 kB     00:00     
(3/4): perl-IO-Compress-Base-2.020-115.el6.x86_64.rpm    |  65 kB     00:00     
(4/4): perl-IO-Compress-Zlib-2.020-115.el6.x86_64.rpm    | 132 kB     00:00     
--------------------------------------------------------------------------------
Total                                           291 kB/s | 305 kB     00:01     
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : perl-Compress-Raw-Zlib-2.023-115.el6.x86_64              1/4 
  Installing     : perl-IO-Compress-Base-2.020-115.el6.x86_64               2/4 
  Installing     : perl-IO-Compress-Zlib-2.020-115.el6.x86_64               3/4 
  Installing     : perl-Compress-Zlib-2.020-115.el6.x86_64                  4/4 

Installed:
  perl-Compress-Zlib.x86_64 0:2.020-115.el6                                     

Dependency Installed:
  perl-Compress-Raw-Zlib.x86_64 0:2.023-115.el6                                 
  perl-IO-Compress-Base.x86_64 0:2.020-115.el6                                  
  perl-IO-Compress-Zlib.x86_64 0:2.020-115.el6                                  

Complete!

Mit nachfolgendem Befehl kann überprüft werden, welche Inhalte mit den Paket perl-CGI installiert wurden.

# rpm -qil perl-CGI
Name        : perl-CGI                     Relocations: (not relocatable)
Version     : 3.49                              Vendor: CentOS
Release     : 115.el6                       Build Date: Fri 12 Nov 2010 02:41:15 AM CET
Install Date: Wed 02 Nov 2011 04:03:44 PM CET      Build Host: c6b4.bsys.dev.centos.org
Group       : Development/Libraries         Source RPM: perl-5.10.1-115.el6.src.rpm
Size        : 410902                           License: GPL+ or Artistic
Signature   : RSA/8, Sun 03 Jul 2011 06:54:39 AM CEST, Key ID 0946fca2c105b9de
Packager    : CentOS BuildSystem <http://bugs.centos.org>
URL         : http://www.perl.org/
Summary     : Handle Common Gateway Interface requests and responses
Description :
CGI.pm is a stable, complete and mature solution for processing and
preparing HTTP requests and responses. Major features including processing
form submissions, file uploads, reading and writing cookies, query string
generation and manipulation, and processing and preparing HTTP headers.
Some HTML generation utilities are included as well.
/usr/share/man/man3/CGI.3pm.gz
/usr/share/man/man3/CGI::Apache.3pm.gz
/usr/share/man/man3/CGI::Carp.3pm.gz
/usr/share/man/man3/CGI::Cookie.3pm.gz
/usr/share/man/man3/CGI::Fast.3pm.gz
/usr/share/man/man3/CGI::Pretty.3pm.gz
/usr/share/man/man3/CGI::Push.3pm.gz
/usr/share/man/man3/CGI::Switch.3pm.gz
/usr/share/man/man3/CGI::Util.3pm.gz
/usr/share/perl5/CGI
/usr/share/perl5/CGI.pm
/usr/share/perl5/CGI/Apache.pm
/usr/share/perl5/CGI/Carp.pm
/usr/share/perl5/CGI/Cookie.pm
/usr/share/perl5/CGI/Fast.pm
/usr/share/perl5/CGI/Pretty.pm
/usr/share/perl5/CGI/Push.pm
/usr/share/perl5/CGI/Switch.pm
/usr/share/perl5/CGI/Util.pm

Mit nachfolgendem Befehl kann überprüft werden, welche Inhalte mit den Paket perl-Compress-Zlib installiert wurden.

# rpm -qil perl-Compress-Zlib
Name        : perl-Compress-Zlib           Relocations: (not relocatable)
Version     : 2.020                             Vendor: CentOS
Release     : 115.el6                       Build Date: Fri 12 Nov 2010 02:41:15 AM CET
Install Date: Wed 02 Nov 2011 04:09:02 PM CET      Build Host: c6b4.bsys.dev.centos.org
Group       : Development/Libraries         Source RPM: perl-5.10.1-115.el6.src.rpm
Size        : 52167                            License: GPL+ or Artistic
Signature   : RSA/8, Sun 03 Jul 2011 06:54:45 AM CEST, Key ID 0946fca2c105b9de
Packager    : CentOS BuildSystem <http://bugs.centos.org>
URL         : http://www.perl.org/
Summary     : A module providing Perl interfaces to the zlib compression library
Description :
The Compress::Zlib module provides a Perl interface to the zlib
compression library. Most of the functionality provided by zlib is
available in Compress::Zlib.

The module can be split into two general areas of functionality,
namely in-memory compression/decompression and read/write access to
gzip files.
/usr/lib64/perl5/Compress/Zlib.pm
/usr/lib64/perl5/auto/Compress/Zlib
/usr/lib64/perl5/auto/Compress/Zlib/autosplit.ix
/usr/share/man/man3/Compress::Zlib.3pm.gz

Apache VHOST für Log Analyzer for DansGuardian

Nachstehend soll ein möglicher virtueller Host welcher unter dem Apache HTTP Server realisiert werden kann für den Web-Anwendungsbereich des Log Analyzer for DansGuardian als Beispiel dargestellt werden.

Nachfolgende Konfigurationsdatei in nachfolgendem Verzeichnis und mit nachfolgendem Namen

  • /etc/httpd/conf.d/dgloganalyzer.conf

könnte wie folgt realisiert werden:

NameVirtualHost *:80
 
#
# dgloganalyzer.tachtler.net (Log Analyzer for DansGuardian)
#
<VirtualHost _default_:80>
        ServerAdmin webmaster@tachtler.net
        ServerName dgloganalyzer.tachtler.net
        ServerAlias www.dgloganalyzer.tachtler.net
        ServerPath /
        DocumentRoot "/var/www/dgloganalyzer"
        <Directory "/var/www/dgloganalyzer">
                Options -Indexes FollowSymLinks ExecCGI
                # Tachtler (enable for .htaccess file support)
                # AllowOverride AuthConfig
                AllowOverride None
                # Tachtler (enable for unlimited access)
                Order allow,deny
                Allow from all
        </Directory>
 
        DirectoryIndex dglog.pl
 
        ErrorLog logs/dgloganalyzer_error.log
        CustomLog logs/dgloganalyzer_access.log combined 
</VirtualHost>

:!: Wichtig sind hier folgende Definitionen:

AddHandler cgi-script .pl
* Ausführbarkeit von Perl-Scripte für den Apache HTTP Webserver und
Options -Indexes FollowSymLinks ExecCGI
* Ausführen von CGI-Scripten für diesen virtuellen Host des Apache HTTP Webserver
DirectoryIndex dglog.pl
* Startdatei für den Apache HTTP Webserver, damit das Perl-Script beim Aufruf des Virtuellen Hosts gleich ausgeführt wird.

Wie in der Definition des Virtuellen Hosts dargestellt hat das Perl-Script den Namen dglog.pl.

Um das Perl-Script dglog.pl auch ausführen zu können, kann mit folgendem Befehl die Ausführung der Datei ermöglicht werden:

# chmod 750 dglog.pl

Ein Aufruf kann dann über die URL http://www.dgloganalyzer.tachtler.net erfolgen!

Cookies helfen bei der Bereitstellung von Inhalten. Durch die Nutzung dieser Seiten erklären Sie sich damit einverstanden, dass Cookies auf Ihrem Rechner gespeichert werden. Weitere Information
tachtler/dansguardian_centos_6.txt · Zuletzt geändert: 2014/11/06 10:28 von klaus